Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
File: 8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa (raw, json)
Hash identifier: eHJj6pfeseaDRi8hMrTRfO2+OCkmhOlJhhxV38iSQF4=
Subject key identifier: 82:36:22:FB:36:F9:EE:53:B0:BC:D9:F4:1B:11:9B:35:7A:B7:E9:E1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 315C1518CFF8D41BD9425973ADFA32AB427DCCB1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
Signing time: Tue 02 Apr 2024 00:00:00 +0000
ROA not before: Tue 02 Apr 2024 00:00:00 +0000
ROA not after: Tue 07 May 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:5c:15:18:cf:f8:d4:1b:d9:42:59:73:ad:fa:32:ab:42:7d:cc:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 00:00:00 2024 GMT
Not After : May 7 23:59:59 2024 GMT
Subject: serialNumber=9b4d3c15e193c7a16c8adfc50f44bb67bd651e6155bd794092f59b22e323b5cb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e8:b8:43:50:60:46:27:7d:36:d9:b4:b9:13:
6c:e5:30:e0:ca:8c:45:9a:ad:c0:07:3e:1b:c1:1e:
91:9d:de:2c:e0:11:d6:51:bf:ba:95:12:1a:2b:48:
7b:4b:48:2a:49:c3:6c:1a:33:62:37:c7:0c:f3:70:
96:8b:91:ed:af:fd:8c:ff:13:3c:10:b2:0c:24:44:
7b:e9:bb:d8:b6:36:f0:80:1b:18:89:4a:a2:8b:06:
8f:ce:0f:b9:b2:89:9a:2b:68:2e:4f:7f:c6:9c:f2:
d7:7e:e4:e6:f7:77:d7:fa:ec:47:bc:a2:5c:0b:15:
05:33:31:d7:87:83:6f:d8:e6:b8:de:63:1c:a6:e9:
5b:df:96:61:89:b8:f1:24:52:67:7d:87:ad:00:70:
46:19:cc:50:60:c7:0d:28:e6:06:4d:70:e6:21:ed:
f4:2b:5b:ef:91:76:76:34:99:f2:0e:45:d4:db:af:
95:8f:94:a7:47:d6:12:5d:96:5d:11:9f:24:4f:09:
54:6e:ad:73:03:ed:36:56:f6:f4:33:39:57:68:ae:
05:ed:4b:07:2b:8a:ca:ef:f2:ca:40:30:ae:47:69:
e3:37:d8:50:bd:2e:e3:d2:50:d5:a3:47:e3:f5:af:
8b:fb:ec:da:dc:2e:ed:1d:39:f5:69:67:c2:b6:c0:
43:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:36:22:FB:36:F9:EE:53:B0:BC:D9:F4:1B:11:9B:35:7A:B7:E9:E1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:5000::/40
Signature Algorithm: sha256WithRSAEncryption
11:bd:f2:2d:82:8b:8d:af:a4:4f:75:7b:29:af:78:df:1e:bf:
e9:87:75:36:be:fe:e7:a7:58:04:38:7d:b5:d0:b2:83:01:41:
e9:78:56:61:dd:a3:3e:bd:b3:af:93:cc:bb:6a:42:ac:2d:f9:
be:8a:94:59:05:68:bd:db:6c:fa:4d:46:01:01:2f:3b:96:77:
ae:d0:a5:01:84:3e:3d:6c:88:21:99:ef:44:a9:f5:b7:28:64:
b6:51:a8:bd:6f:fe:3e:48:f1:1c:9f:96:9d:39:f6:81:0c:0d:
6e:67:fa:bd:43:b3:e6:f0:68:a8:57:b9:dd:37:51:66:4a:54:
70:58:95:bb:3a:42:d1:59:20:62:aa:06:6f:8e:a8:5a:6a:5e:
d1:a0:0d:49:9e:59:36:3b:06:3a:b3:6a:a5:ca:98:b3:b8:eb:
72:84:74:5b:b5:58:9a:52:84:50:90:15:10:d0:a0:73:31:2c:
ea:1d:d8:98:f5:3d:41:1d:81:5a:16:42:19:62:c9:ca:5e:41:
1a:a2:56:a9:9e:f6:19:12:76:13:53:36:f2:c5:32:d1:fa:20:
cf:f1:1f:e5:b9:4c:bf:0d:a8:f5:ea:d5:f8:1a:a5:05:0e:ab:
4e:6b:21:e4:3b:a4:b6:7c:76:35:f6:a2:99:40:d0:09:ad:3b:
71:af:16:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMVwVGM/41BvZQllzrfoyq0J9zLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDA0MDIwMDAwMDBaFw0yNDA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDliNGQzYzE1ZTE5M2M3YTE2YzhhZGZjNTBmNDRiYjY3YmQ2NTFlNjE1NWJk
Nzk0MDkyZjU5YjIyZTMyM2I1Y2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOHouENQYEYnfTbZtLkTbOUw4MqMRZqtwAc+G8EekZ3eLOAR1lG/upUSGitI
e0tIKknDbBozYjfHDPNwlouR7a/9jP8TPBCyDCREe+m72LY28IAbGIlKoosGj84P
ubKJmitoLk9/xpzy137k5vd31/rsR7yiXAsVBTMx14eDb9jmuN5jHKbpW9+WYYm4
8SRSZ32HrQBwRhnMUGDHDSjmBk1w5iHt9Ctb75F2djSZ8g5F1NuvlY+Up0fWEl2W
XRGfJE8JVG6tcwPtNlb29DM5V2iuBe1LByuKyu/yykAwrkdp4zfYUL0u49JQ1aNH
4/Wvi/vs2twu7R059WlnwrbAQ5cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCNiL7
NvnuU7C82fQbEZs1erfp4TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVhMzIyMDYtNDY4My00YmM3LTk5YmYtOWNjNGEyOTU4ZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdQ
MA0GCSqGSIb3DQEBCwUAA4IBAQARvfItgouNr6RPdXspr3jfHr/ph3U2vv7np1gE
OH210LKDAUHpeFZh3aM+vbOvk8y7akKsLfm+ipRZBWi922z6TUYBAS87lneu0KUB
hD49bIghme9EqfW3KGS2Uai9b/4+SPEcn5adOfaBDA1uZ/q9Q7Pm8GioV7ndN1Fm
SlRwWJW7OkLRWSBiqgZvjqhaal7RoA1Jnlk2OwY6s2qlypizuOtyhHRbtViaUoRQ
kBUQ0KBzMSzqHdiY9T1BHYFaFkIZYsnKXkEaolapnvYZEnYTUzbyxTLR+iDP8R/l
uUy/Daj16tX4GqUFDqtOayHkO6S2fHY19qKZQNAJrTtxrxbo
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:11 2024 by rpki-client on console-fra.rpki-client.org